Beth Jones Sanborn

Anna Loengard, Tim Putnam to share insights on harnessing data and analytics for population health success in transition from volume to value.

According to a new report from Kaspersky Lab, healthcare employees in the U.S. and Canada not only admit their organizations have fallen victim to ransomware cybersecurity attacks, they also claim it wasn’t a one-time occurrence. The report, titled “Cyber Pulse: The State of Cybersecurity in Healthcare,” stems from a survey conducted by research firm Opinion Matters that included 1,758 healthcare employees in roles ranging from doctors and surgeons to administration and IT staff. All were located in the United States and Canada. WHY IT MATTERS The findings expose a “continuous pattern of ransomware cybersecurity attacks plaguing organizations” in the healthcare industry. It also shed light on employee perceptions and behaviors. Among the results, one important finding showed that organizations don’t always learn their lesson the first time around. Of the respondents who stated they were aware a ransomware cybersecurity attack had taken place in their organization, 33 percent noted that it had happened more than once. THE TREND Just this year, there have been more than 100 hacking/IT-related healthcare organization incidents affecting 500 or more individuals, according to the U.S. Department of Health and Human Services, tasking healthcare IT staff with the monumental challenge of preventing future incidents in their own systems. More than one-in-four healthcare IT employees in North America admitted their employer has experienced a ransomware cybersecurity attack within the past year and of those healthcare employees aware of a cyberattack occurring, 85 percent of Canadians and 78 percent of Americans said their organizations had fallen victim to up to five ransomware cybersecurity attacks in the past five years or more, showing missed opportunities to learn lessons and implement new best practices. The repeated attacks, however, are not for lack of caring on the part of employees, the survey said. In fact, for 71 percent of responding employees, the top reason healthcare employees cared about having cybersecurity measures in place at their organizations was to protect patients, followed by 60 percent who said they wanted to protect people and organizations they work with. Finally, and nearly a third of respondents said they didn’t want to lose their job thanks to not having adequate cybersecurity measures. Additionally, employees are willing and able to be vigilant, with 57 percent of employees of very small businesses saying they would report a suspicious email to their employer’s IT team, as opposed to almost three quarters of those working at small or medium businesses and 79 percent of employees working at enterprises. ON THE RECORD “Through our study, we found that healthcare employees in North America were confident that their organization would not suffer a data breach in the forthcoming year, but whether they realize it or not, their industry is suffering hundreds of breaches a year,” said Rob Cataldo, vice president of enterprise sales at Kaspersky Lab. “Healthcare companies have become a major target for cybercriminals due to the successes they’ve had, and repeatedly have, in attacking these businesses. As organizations look to improve their cybersecurity strategies to justify employee confidence, they must examine their approach. Business leaders and IT personnel need to work together to create a balance of training, education, and security solutions strong enough to manage the risk.”   Twitter: @BethJSanborn Email the writer: beth.sanborn@himssmedia.com

The tool, Patient Unified Lookup System, enabled volunteers to access patient information and and deliver quality care, especially medication.

Edward Klatt, a pathology expert at Mercer University School of Medicine says system leaders must be all in on promoting better coping skills.

The problem was the web of multiple EMRs that complicated the process and created dramatic variances in the way referrals were processed.

The problem was the web of multiple EMRs that complicated the process and created dramatic variances in the way referrals were processed.

Marc Harrison said the escalation process, which includes daily huddles with all levels of staff, has provided operational clarity, improved safety.

In Part 2 of our series on the hospital mergers, a look at the common problems and advice about how to sidestep them.

Hennepin's Alex Knutson-Smisek says using the EHR to pinpoint SDOH was a hard sell but the work that followed was not overly complex.

Case study: Grady Health used an AI machine to generate which patients were most at risk of coming back to them within 30 days, and then dispatched EMS staff to visit them.